Listing of Claims : 

1. (Previously Presented) A method of accessing a service with authentication and 
revocable anonymity, comprising the steps of: 

i) identifying and registering a client and providing the client with means for 
authenticating the client to an anonymous certification authority; 

ii) authenticating the client to the anonymous certification authority using the means 
provided in step i) and supplying the client with an anonymous certificate associated to a public 
key and configured to enable the client to authenticate the client anonymously to a server; 

iii) the client calculating data formed as a series of tokens, wherein an initialization 
token of the series of tokens is configured to enable an authentication session to be opened and 
tokens of the series of tokens other than the initialization token are configured to enable the 
authentication session to be maintained; 

iv) authenticating the client by producing an anonymous signature of the 
initialization token, the signatures being obtained using a private key associated with said public 
key and opening an anonymous authentication session with the server, wherein said anonymous 
signature is a unique signature used for said authentication session; 

v) maintaining the anonymous authentication session with the aid of the series of 
tokens, thereby enabling the server to prove each of the actions of the client; and 

vi) selectively allowing contact between the server and the anonymous certification 
authority to revoke the anonymity of the client using the anonymous signature provided in step iv. 



2. (Previously Presented) The method according to claim 1, further comprising: 
effecting communication between the anonymous certification authority and the server, before the 



authenticating of the client to the anonymous certification authority, whereby the server presents to 
said anonymous certification authority a request to obtain means enabling verification of the 
anonymous authentication supplied by a client, 

3. (Canceled) 

4. (Previously Presented) The method according to claim 1, wherein each of the tokens 
of the series of tokens is configured for one-time use and each of the tokens of the series of tokens 
is strongly interdependent. 

5. (Previously Presented) The method according to claim 1, wherein the tokens of the 
series of tokens are calculated using two cryptographic primitives, 

6. (Previously Presented) The method according to claim 4, wherein a first token W; of 
the series of tokens is obtained by applying a hashing function H to a random number, a second 
token W z of the series of tokens is obtained by applying the hashing function to the first token 
obtained, and so on until a token of rank n of the series of tokens defines the initialization token 
W„as: 

H(W 0 )=WiH(W n . 1 )=W n . 

7. (Canceled) 

8. (Canceled) 
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9. (Previously Presented) The method according to claim 6, wherein on each new 
authentication the client sends the server a token of the series of tokens of at least one unit lower 
rank than that previously used. 

10. (Previously Presented) The method according to claim 6, wherein on each new 
authentication the client sends the server a token Wj of the series of tokens whose rank (i) is 
representative of a value of an operation. 

11. (Previously Presented) The method according to claim 6, wherein the steps are 
applied to bidding and steps of the client submitting an increased bid are effected by sending 
successive tokens of lower rank. 

12. (Previously Presented) The method according to claim 1, further comprising using a 
group signature by associating a plurality of identifiers and respective private keys with a single 
group public key. 

13. (Previously Presented) The method according to claim 1, wherein the anonymous 
signature is a blind signature. 

14. (Previously Presented) The method according to claim 12, wherein a power to 
revoke anonymity is shared between two or more authorities. 



15. (Canceled) 



16. (Currently Amended) The system according to claim 22 [[15]], wherein the 
calculator first stage calculates the series of tokens based on two cryptographic primitives, wherein 
the two cryptographic primitives are a hashing function and a random number. 

17. (Currently Amended) The system according to claim 22 [[15]], wherein the system 
is configured to use a group signature by associating a plurality of identifiers and respective private 
keys with the public key being a single group public key. 

18. (Currently Amended) The system according to claim 22 [[15]], wherein the unique 
anonymous signature is a blind signature. 

19. (Currently Amended) The system according to claim 22 [[15]], wherein power to 
revoke anonymity is divided between two or more authorities. 

20. (Previously Presented) The method according to claim 5, wherein the two 
cryptographic primitives are a hashing function and a random number. 

21. (Previously Presented) The method according to claim 10, wherein the rank is 
representative of a number of bid increments. 
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22. (New) A system adapted to open and maintain an anonymous authentication 
session with revocable anonymity, the system comprising: 

an identifier configured to identify and register a client and to provide the client with means 
for authenticating the client to an anonymous certification authority; 

an authentication device configured to authenticate the client to the anonymous 
certification authority using the authenticating means and to supply the client with an anonymous 
certificate associated to a public key and configured to enable the client to authenticate the client 
anonymously to a server; 

a calculator configured to calculate data formed as a series of tokens, wherein an 
initialization token of the series of tokens is configured to enable an authentication session to be 
opened and tokens of the series of tokens other than the initialization token are configured to 
enable the authentication session to be maintained; 

a producer for producing an anonymous signature of the initialization token, the signatures 
being obtained using a private key associated with said public key and opening an anonymous 
authentication session with the server, wherein said anonymous signature is a unique signature 
used for said authentication session to authenticate the client; 

wherein the anonymous authentication session is maintained with the aid of the series of 
tokens, thereby enabling the server to prove each of the actions of the client; and 

wherein selective contact is provided between the server and the anonymous certification 
authority to revoke the anonymity of the client using the anonymous signature. 
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